Package: packagekit-backend-aptcc
Version: 0.7.4-4
Severity: grave
Tags: security
Justification: user security hole

/usr/share/PackageKit/helpers/aptcc/pkconffile uses a tempfile with a fixed name in /tmp, which means anyone could create a /tmp/pkconffile.templates symlink and have root trash the contents of the linked file. You need to use mktemp (or File::Temp or however it's called in Perl).

Cheers,
Julien

-- System Information:
Debian Release: wheezy/sid
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (101, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages packagekit-backend-aptcc depends on:
ii  app-install-data    2010.11.17
ii  libapt-inst1.5      0.9.6
ii  libapt-pkg4.12      0.9.6
ii  libc6               2.13-33
ii  libgcc1             1:4.7.1-1
ii  libglib2.0-0        2.32.3-1
ii  libgstreamer0.10-0  0.10.36-1
ii  libstdc++6          4.7.1-1
ii  libxml2             2.8.0+dfsg1-4
ii  python              2.7.3~rc2-1
ii  python-packagekit   0.7.4-4

Versions of packages packagekit-backend-aptcc recommends:
ii  apt-xapian-index  0.45
ii  packagekit        0.7.4-4

Versions of packages packagekit-backend-aptcc suggests:
ii  gdebi-core  0.8.5

-- no debconf information
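The pattern the report describes, as an added example that is not part of the bug report and not PackageKit's own pkconffile code: a writer that uses a predictable name in a shared directory, beside the same writer using mktemp(1). To stay unprivileged and self-contained it plants the symlink in a private sandbox directory created with mktemp -d rather than in the real /tmp; the function names, the file name pkconffile.templates reused from the report, and the victim file are all constructed for the demonstration. It assumes a POSIX sh and a mktemp that accepts -p DIR (GNU coreutils and BusyBox both do).

```shell
#!/bin/sh
# Added example: fixed-name tempfile vs. mktemp, run in a sandbox directory.
# Not PackageKit code; names below are constructed for the demonstration.

# Vulnerable pattern: predictable name in a directory others can write to.
# If $tmpdir/pkconffile.templates already exists as a symlink, the shell
# redirection opens the link target with O_TRUNC and overwrites it.
write_fixed_name() {
    tmpdir=$1; payload=$2
    tmpfile="$tmpdir/pkconffile.templates"
    printf '%s\n' "$payload" > "$tmpfile"   # follows a pre-planted symlink
    rm -f "$tmpfile"                         # removes the link, not its target
}

# Hardened pattern: mktemp creates a new file with O_CREAT|O_EXCL and a
# random suffix, so a name an attacker pre-created is never reused or
# followed; a failure to create the file aborts instead of writing elsewhere.
write_mktemp() {
    tmpdir=$1; payload=$2
    tmpfile=$(mktemp -p "$tmpdir" pkconffile.XXXXXX) || return 1
    printf '%s\n' "$payload" > "$tmpfile"
    rm -f "$tmpfile"
}

# Attacker step (constructed): plant the symlink before the writer runs.
plant_symlink() {
    tmpdir=$1; target=$2
    ln -s "$target" "$tmpdir/pkconffile.templates"
}

# Run one writer variant against a fresh sandbox in which an attacker has
# already linked pkconffile.templates to a victim file. Prints "clobbered"
# if the victim's contents changed, "intact" otherwise.
demo() {
    variant=$1
    sandbox=$(mktemp -d) || return 2
    victim="$sandbox/victim.conf"
    printf 'original=1\n' > "$victim"
    plant_symlink "$sandbox" "$victim"
    "$variant" "$sandbox" "data-from-the-privileged-helper"
    if [ "$(cat "$victim")" = "original=1" ]; then
        result=intact
    else
        result=clobbered
    fi
    rm -rf "$sandbox"
    echo "$result"
}

# Usage: demo write_fixed_name   -> clobbered
#        demo write_mktemp       -> intact
```

The sandbox is a private directory without the sticky bit, so the demo is unaffected by the fs.protected_symlinks sysctl that later kernels (3.6 and newer) use to refuse following symlinks in world-writable sticky directories such as /tmp; the 3.2 kernel in this report predates that mitigation, and it is a defence in depth rather than a reason to keep fixed names. The Perl equivalent of mktemp is File::Temp's tempfile(), which likewise opens with O_EXCL.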